Security Must Haves for Your ‘BYOD’ Policy

BYOD, Bring Your Own Device, has been around for a while and it was first used as an expression in 2004. 


The idea behind BYOD is simple: employees bring personal devices such as laptops, tablets, external disk drives, and smartphones to use at work. Smartphones are by far the most popular BYOD devices because they’re easy to transport and something nearly all of us carry with us everywhere we go. It’s likely that, if an employee is using a personal device at work, they will be accessing company data, emails, programs and connecting to the business network. 


So what are some of the benefits of BYOD and is it a good idea to allow it in your business? 


The major benefits of BYOD 


Convenience is a big factor in favor of BYOD. Smartphones can now do most of the things a PC can do and many UK employees now use their phone at work. 


For employees in IT and tech, and computer based industries such as marketing and the creative industries, information and communications, photography and professional services there is an acceptance of using smartphones for work tasks.



For small businesses the convenience and cost savings of having employee devices to help with business tasks can be valuable. 


Of course the benefit of this portability and constant access to a personal mobile device can mean greater productivity too. If employees already know the device inside out and don’t need training it’s easier for them to use it for work tasks. Plus emails can be checked, and work can be completed on the train or bus ride to work. 


It is estimated that portable devices can save employees 58 minutes per day, and this will benefit both the employee and the business. When you add in the fact that in general employees like BYOD and it increases job satisfaction, while also reducing IT issues in many cases, there are a lot of good reasons to enable a BYOD policy.


How should you manage BYOD securely?


Creating and enforcing a BYOD policy is important to maintain security. The most basic form of a BYOD policy is a document  that outlines how employees should access corporate networks and data. 


The policy should set up clear guidelines and ensure employees know and understand them to protect the company IT infrastructure and data from hackers and other cyber attacks such as ransomware. A BYOD policy is also likely to be necessary to ensure you meet compliance from external bodies, comply with laws such as GDPR, and stay in line with contractual agreements with clients. 


In order to establish a BYOD policy you first need to manage an audit of the existing system, and outline the potential threats and opportunities from the practice. 


This information will then allow you to establish goals and rules for BYOD that work for the business and employees. 


Some of the areas the policy should cover included permitted and non-permitted tasks, plus a definition of what is considered acceptable use of personal devices. It should detail security measures, password rules, encryptions, two factor authentication and so on. Also include details of user responsibility, a statement on who is responsible for costs, and details on how monitoring of the devices will take place. 


For full details on what should be included there are a few good resources online. Google has a good BYOD policy guidance and Microsoft also offers similar informative content. 


If you would like more information on BYOD for your business, plus some of the software and technologies that can help you implement and manage BYOD, it is worth consulting with an IT support company. 


About EC-MSP, your IT partner

EC-MSP are one of the most trusted IT support providers in London. If you would like more help advice and support with technology for your business, contact us today to see how we can help.